Fraud attempts expected to rise this holiday season
Consumers and merchants aren’t the only ones preparing for the busiest shopping season of the year.
Fraud attempts are projected to increase by 14% during the holiday season, which spans Thanksgiving to New Year’s Day, according to new data from ACI Worldwide, a provider of electronic payment and banking solutions.
According to the study, the volume of purchases is expected to increase by 18%, while the value of purchases is expected to increase by 19% between Thanksgiving Day and Cyber Monday, compared to the same period last year.
Similarly, the value of fraud attempts is expected to increase by 17% between Thanksgiving and Cyber Monday, compared to the same period in 2017. The attempted fraud average ticket price, or a merchant’s average size of individual sales by credit card, is expected to increase 3% from $236 to $243.
When looking at specific shopping days, the volume of transactions on Thanksgiving Day is expected to increase 23% in 2018, compared to 2017. Volume of fraud attempts on Thanksgiving Day is expected to be high at 1.80%.
On Black Friday, volume of transactions is expected to increase 19% compared to 2017. Volume of fraud attempts on Black Friday is expected to be 1.30%.
On Cyber Monday, volume of transactions is expected to increase 14% compared to last year, and volume of fraud attempts is expected to be 0.93%.
Cross-channel fraud also continues to grow. In addition to traditional online channels, buy online, pick up in-store and call centers will be areas of focus for fraudsters, the study said.
“The first step to fighting fraud is knowing what you’re up against,” said Erika Dietrich, global director, Payments Risk, ACI Worldwide.
“Fraudsters prepare for peak holiday season just as much as merchants and consumers do,” she added. “Fraudsters will keep an eye on items that have limited inventory as it gives them an additional opportunity to steal and sell those items on the black market for a higher price so consumers and merchants alike must be vigilant in such cases.”
A different kind of data breach hits Nordstrom
Another retailer was hit by a cyber-attack, but this one didn’t target customer information.
Nordstrom was hit by a data breach that targeted the personal data of current and past employees. Information that may have been exposed includes names, Social Security numbers, dates of birth, checking account and routing numbers, salaries, among other data, according to The Seattle Times, which first broke the story.
The breach, which occurred on Oct. 9, stemmed from “a contract worker [that] improperly handled some Nordstrom employee data. Customer data was not impacted,” according to a company statement.
The company’s information security team promptly discovered the incident, and immediately notified law enforcement to begin a comprehensive investigation. The contract worker no longer has access to Nordstrom’s systems, and the company has put additional measures in place to help prevent a similar situation from recurring.
While the company has no evidence that data was shared or used inappropriately, the company immediately notified employees “so they can take the appropriate steps to monitor for any potential unauthorized activity,” the statement reported, adding that Nordstrom is also offering impacted employees free identity protection services for 24 months.
“No one company is immune to cyber-attacks, but how a company responds will make all the difference in restoring trust with customers and employees and proving that they have taken all possible actions to inform and mitigate the damage during an event,” said Ryan Wilk, VP of customer success for NuData Security.
“Nordstrom’s response time to this data breach incident is laudable as well as their attempts at transparency. Online companies should do more to devalue personal information or PCI Data so if a breach does occur the data obtained by cyber attackers is less valuable.”
Wilk also encourages retailers to use technologies, such as passive biometrics and behavioral analytics “to detect and devalue the data when bad actors use it to commit account takeover at login or attempting to create new accounts such as credit cards and loads,” he added. “It will dissuade bad actors from attempting to steal the data in the first place.”
Other retailers targeted by cyber-thieves this year include Hudson’s Bay Co.’s Saks, Saks Off Fifth and Lord & Taylor brands, Best Buy, Panera Bread, Sears Holdings, and Under Armour.
Albertsons to roll with Tesla trucks
Albertsons is making its Southern California fleet a little greener.
The supermarket giant announced the addition of 10 all-electric Tesla tractors to the fleet alongside its 2018 sustainability update.The new trucks will service Albertsons, Vons and Pavilions stores in the region, able to travel between 300 and 500 miles — sometimes more — on a single charge with a fully loaded trailer, using fewer than 2-kilowatt hours per mile.
“Advancing supply chain efficiency and sustainability is an important goal for our company,” said Tom Nartker, Albertsons VP of transportation. “We’re excited to pilot this expansion of our transportation program with trucks that help us limit our overall carbon footprint.”